24.6 million accounts compromised in Sony Online Entertainment breach

It would appear that Sony cannot catch a break these past few weeks. We’ve kept you updated on the recent PSN outage and security breach that occurred where 77 million PSN user accounts were compromised.

The latest news from Sony is that information from 24.6 million Sony Online Entertainment accounts has been illegally obtained by the same breach.
SOE, which handles many of Sony’s MMOs such as DC Universe Online and Free Realms, revealed in a press release that “personal information from approximately 24.6 million SOE accounts may have been stolen, as well as certain information from an outdated database from 2007.” This includes the following:

name

address

e-mail address

birthdate

gender

phone number

login name

hashed password.

In addition to the information above, approximately 12,700 non-U.S. credit card numbers and expiration dates, and 10,700 direct debit records from accounts in Austria, Germany, Netherlands and Spain have been stolen. These debit records include:

bank account number

customer name

account name

customer address

In a statement to GamesIndustry.biz, Sony has said that of the 12,700 credit card details stolen, only about 900 are currently active and the rest were out of date.

The company fully believes that their main credit card database, which is stored in a separate and secure environment, has not been compromised either.

In terms of compensation, SOE plan to give customers an additional 30 day subscription plus one day for each day the system is down. In addition, they will implement a “make good” plan for DCUO and Free Realms. Details will be released shortly.